Sr. IT Compliance Analyst

Information Technology Chicago, Illinois

Join the FHLBC team!

At the Federal Home Loan Bank of Chicago, employees come first.  That’s why we offer a highly competitive compensation and bonus package, and access to a comprehensive benefits program designed to meet the needs of our employees.

  • Medical, dental and vision insurance
  • Retirement program (401k and Pension)
  • Generous PTO plan
  • 10 paid holidays per year
  • Work from home options
  • Casual dress code

Position Summary:

The Sr. IT Compliance Analyst provides a secure and protected environment for the Bank’s data and systems by evaluating IT controls, performing application assessments, identifying areas of non-compliance, and developing improvements to operational deficiencies.

Essential Duties & Responsibilities:
  • Executes the internal IT compliance testing program. This includes: internal IT controls and compliance reviews; and remediation testing of issues identified during regulatory inspections or internal assessments.
  • Advises IT stakeholders on the effectiveness of corrective action plans in the event of non-compliance or detected vulnerabilities in their environment.
  • Ensures controls and risks are documented and updated as needed.
  • Proactively identifies technology risks and provides recommendations to mitigate risks.
  • Independently evaluates and analyzes operational risk issues, offers recommendations for improvement, and communicates results to management and other key stakeholders.
  • Assists in the administration of IT policies, standards, processes, and procedures.
  • Ensures proper log monitoring, reporting and escalation of non-compliant activity.
  • Performs coordination and tracking of open audit and policy exceptions.
  • Contributes to various project requests from Internal/External Audit and Enterprise Risk Management to increase operational efficiency, strengthen IT environment, and help meet the Bank’s internal and external regulatory or compliance requirements.
  • Assists in developing and administering ongoing IT compliance monitoring and governance activities.
  • Performs ad-hoc IT compliance requests or additional duties as assigned.
  • Builds and maintains positive working relationships with stakeholders, including in application owners, business partners, and management in support of IT Risk and Compliance processes.

Experience & Educational Requirements:
  • 4 year college degree in information technology or equivalent experience
  • 4-8 years of IT security, IT audit and compliance, or IT risk management experience.
  • 8-10 years of experience necessary without a degree.
  • Security certification is highly preferred (CISSP, CISA, CRISC, CGEIT, etc.)
Software Requirements:
  • MS Office product (notably Outlook, Word, Excel, and Access) knowledge.
  • Compliance Monitoring tool exposure (Varonis, Splunk, McAfee Database Activity Monitoring, Tripwire) preferred
  • Tableau business intelligence and analytic reporting tool.
Knowledge, Skills, Abilities & Behaviors Required:
  • Must have good communication (verbal, written, and listening) skills.
  • Advanced knowledge of IT security controls.
  • Advanced knowledge of evaluating internal controls and developing recommendations.
  • Advanced knowledge of project management principles (planning, organizing, and managing assessment process).
  • Must be a self-starter, with the ability to work in a fast paced environment, both independently and as part of a team.
  • A high level of integrity and dependability are necessary to perform this role.
  • Strong analytical and organizational skills with attention to detail and accuracy.